Stochastic hybrid system : modelling and verification

Hybrid systems now form a classical computational paradigm unifying discrete and continuous system aspects. The modelling, analysis and verification of these systems are very difficult. One way to reduce the complexity of hybrid system models is to consider randomization. The need for stochastic models has actually multiple motivations. Usually, when building models complete information is not available and we have to consider stochastic versions. Moreover, non-determinism and uncertainty are inherent to complex systems. The stochastic approach can be thought of as a way of quantifying non-determinism (by assigning a probability to each possible execution branch) and managing uncertainty. This is built upon to the - now classical - approach in algorithmics that provides polynomial complexity algorithms via randomization. In this thesis we investigate the stochastic hybrid systems, focused on modelling and analysis. We propose a powerful unifying paradigm that combines analytical and formal methods. Its applications vary from air traffic control to communication networks and healthcare systems. The stochastic hybrid system paradigm has an explosive development. This is because of its very powerful expressivity and the great variety of possible applications. Each hybrid system model can be randomized in different ways, giving rise to many classes of stochastic hybrid systems. Moreover, randomization can change profoundly the mathematical properties of discrete and continuous aspects and also can influence their interaction. Beyond the profound foundational and semantics issues, there is the possibility to combine and cross-fertilize techniques from analytic mathematics (like optimization, control, adaptivity, stability, existence and uniqueness of trajectories, sensitivity analysis) and formal methods (like bisimulation, specification, reachability analysis, model checking). These constitute the major motivations of our research. We investigate new models of stochastic hybrid systems and their associated problems. The main difference from the existing approaches is that we do not follow one way (based only on continuous or discrete mathematics), but their cross-fertilization. For stochastic hybrid systems we introduce concepts that have been defined only for discrete transition systems. Then, techniques that have been used in discrete automata now come in a new analytical fashion. This is partly explained by the fact that popular verification methods (like theorem proving) can hardly work even on probabilistic extensions of discrete systems. When the continuous dimension is added, the idea to use continuous mathematics methods for verification purposes comes in a natural way. The concrete contribution of this thesis has four major milestones: 1. A new and a very general model for stochastic hybrid systems; 2. Stochastic reachability for stochastic hybrid systems is introduced together with an approximating method to compute reach set probabilities; 3. Bisimulation for stochastic hybrid systems is introduced and relationship with reachability analysis is investigated. 4. Considering the communication issue, we extend the modelling paradigm

Bisimulation Relations Between Automata, Stochastic Differential Equations and Petri Nets

Two formal stochastic models are said to be bisimilar if their solutions as a stochastic process are probabilistically equivalent. Bisimilarity between two stochastic model formalisms means that the strengths of one stochastic model formalism can be used by the other stochastic model formalism. The aim of this paper is to explain bisimilarity relations between stochastic hybrid automata, stochastic differential equations on hybrid space and stochastic hybrid Petri nets. These bisimilarity relations make it possible to combine the formal verification power of automata with the analysis power of stochastic differential equations and the compositional specification power of Petri nets. The relations and their combined strengths are illustrated for an air traffic example.Comment: 15 pages, 4 figures, Workshop on Formal Methods for Aerospace (FMA), EPTCS 20m 201

Modelling and Control of Complex Cyber-Physical Ecosystems

In this paper, we set up a mathematical framework for the modelling and control of complex cyber-physical ecosystems. In our setting, cyber-physical ecosystems (CPES) are cyber-physical systems of systems that are highly connected. CPES are understood as open and adaptive cyber-physical infrastructures. These networked systems combine cyber-physical systems with an interaction mechanism with other systems and the environment (ecosystem capability). The main focus will be on modelling cyber and physical interfaces that play an important role on the control of the emergent properties like safety and security

Formalization and Validation of Safety-Critical Requirements

The validation of requirements is a fundamental step in the development process of safety-critical systems. In safety critical applications such as aerospace, avionics and railways, the use of formal methods is of paramount importance both for requirements and for design validation. Nevertheless, while for the verification of the design, many formal techniques have been conceived and applied, the research on formal methods for requirements validation is not yet mature. The main obstacles are that, on the one hand, the correctness of requirements is not formally defined; on the other hand that the formalization and the validation of the requirements usually demands a strong involvement of domain experts. We report on a methodology and a series of techniques that we developed for the formalization and validation of high-level requirements for safety-critical applications. The main ingredients are a very expressive formal language and automatic satisfiability procedures. The language combines first-order, temporal, and hybrid logic. The satisfiability procedures are based on model checking and satisfiability modulo theory. We applied this technology within an industrial project to the validation of railways requirements

Stochastic safety for Markov chains

In this letter, we study the so-called p-safety of a Markov chain. We say that a state is p-safe in a state space S with respect to an unsafe set U if the process stays in the state space and hits the set U with the probability less than p. We show several ways of computing p-safety: by means the Dirichlet problem, the evolution equation, the barrier certificates, and the Martin kernel. The set of barrier certificates forms a cone. We show how to generate barrier certificates from the set of extreme points of a cone base

Implementing Multi-Periodic Critical Systems: from Design to Code Generation

This article presents a complete scheme for the development of Critical Embedded Systems with Multiple Real-Time Constraints. The system is programmed with a language that extends the synchronous approach with high-level real-time primitives. It enables to assemble in a modular and hierarchical manner several locally mono-periodic synchronous systems into a globally multi-periodic synchronous system. It also allows to specify flow latency constraints. A program is translated into a set of real-time tasks. The generated code (\C\ code) can be executed on a simple real-time platform with a dynamic-priority scheduler (EDF). The compilation process (each algorithm of the process, not the compiler itself) is formally proved correct, meaning that the generated code respects the real-time semantics of the original program (respect of periods, deadlines, release dates and precedences) as well as its functional semantics (respect of variable consumption).Comment: 15 pages, published in Workshop on Formal Methods for Aerospace (FMA'09), part of Formal Methods Week 2009